We are seeking a skilled Azure Security Engineer to design, implement, and maintain robust security controls across our Azure Gov Cloud environment. In this hands-on role, you will build, strengthen, and maintain our cloud security posture, protect critical workloads, and collaborate with engineering, DevOps, and compliance teams to embed security throughout the development lifecycle.
\nKey responsibilities include: Implementing, designing, and managing security architecture for Azure Government and Commercial deployments. Configuring and optimising Microsoft Defender for Cloud, Microsoft Sentinel, Microsoft Defender for Endpoint, and related services for threat detection, vulnerability management, and automated response. Designing and enforcing identity & access management using Microsoft Entra ID, Privileged Identity Management (PIM), Conditional Access policies, RBAC, and just-in-time access. Securing network architectures with Azure Firewall, Network Security Groups (NSGs), DDoS Protection, Web Application Firewall (WAF), Network Watcher, and private endpoints. Protecting data at rest and in transit via Azure Key Vault, encryption strategies, data classification, and information protection controls. Developing and maintaining security policies, initiatives, and blueprints using Azure Policy and Microsoft Purview for compliance (NIST, FedRAMP, CMMC, STIGs, etc.). Performing threat hunting, incident response, and forensics using Sentinel playbooks, Log Analytics, and KQL queries. Conducting security reviews of Infrastructure as Code (IaC), containers, Kubernetes (AKS), and serverless workloads. Collaborating with developers and architects to implement DevSecOps practices, including secure CI/CD pipelines, code scanning, and secure defaults. Monitoring and remediating security findings, reducing attack surface, and improving overall security posture per the Microsoft Cloud Security Benchmark (MCSB). Deploying configurations and compliance policies to Azure AVD endpoints using Intune and other Azure native services.
\nBasic qualifications include: Active U.S. security clearance (e.g., Secret, Top Secret) or eligibility to obtain one. 3+ years of experience in cloud security, cybersecurity engineering, or related roles (with strong Azure focus). Deep hands-on expertise with core Azure security services: Microsoft Defender suite, Sentinel, Intune, Entra ID, Key Vault, Azure Policy, Firewall, Network Watcher, and Purview. Strong understanding of DLP implementation both in cloud and on endpoints utilising Purview and other Microsoft native controls. Experience implementing security in hybrid/multi-cloud environments. Proficiency in scripting/automation (PowerShell, Azure CLI, Bicep/ARM templates, Terraform). Strong understanding of identity federation, zero-trust principles, encryption, network security, and vulnerability management. Familiarity with compliance frameworks (NIST, FedRAMP, CMMC, STIGs, etc.) and regulatory requirements. Excellent problem-solving, analytical, and communication skills. Strong verbal and written communication skills and the ability to stay composed under pressure.
\nPreferred skills and experience include: Microsoft Certified: Azure Security Engineer Associate (AZ-500), Microsoft Cybersecurity Architect (SC-100). Additional relevant certifications (e.g., CISSP, CCSP, Microsoft Certified: Azure Administrator, AWS Security Specialty, SANS GCPS, SANS GCAD). Deep experience with detection and response engineering and SOC operations. Knowledge of container security (Docker, AKS), secure DevOps, or AI/ML workload protection. Prior experience in government regulations frameworks such as FedRAMP and CMMC.
\nXML job scraping automation by YubHub
","url":"https://yubhub.co/jobs/job_9d30cfce-beb","directApply":true,"hiringOrganization":{"@type":"Organization","name":"xAI","sameAs":"https://www.xai.com/","logo":"https://logos.yubhub.co/xai.com.png"},"x-apply-url":"https://job-boards.greenhouse.io/xai/jobs/5050657007","x-work-arrangement":"onsite","x-experience-level":"senior","x-job-type":"full-time","x-salary-range":"$180,000 - $440,000 USD","x-skills-required":["Azure Security Engineer","Microsoft Defender for Cloud","Microsoft Sentinel","Microsoft Defender for Endpoint","Azure Key Vault","Azure Policy","Microsoft Purview","Identity & Access Management","Network Security","Data Loss Prevention","Compliance Frameworks","Cloud Security Posture Management","Threat Hunting","Incident Response","Forensics","Infrastructure as Code","Containers","Kubernetes","Serverless Workloads","DevSecOps","CI/CD Pipelines","Code Scanning","Secure Defaults","Microsoft Cloud Security Benchmark"],"x-skills-preferred":["Microsoft Certified: Azure Security Engineer Associate (AZ-500)","Microsoft Cybersecurity Architect (SC-100)","CISSP","CCSP","Microsoft Certified: Azure Administrator","AWS Security Specialty","SANS GCPS","SANS GCAD","Detection and Response Engineering","SOC Operations","Container Security","Secure DevOps","AI/ML Workload Protection","Government Regulations Frameworks"],"datePosted":"2026-04-24T17:05:13.646Z","jobLocation":{"@type":"Place","address":{"@type":"PostalAddress","addressLocality":"Palo Alto, CA; Washington, D.C."}},"employmentType":"FULL_TIME","occupationalCategory":"Engineering","industry":"Technology","skills":"Azure Security Engineer, Microsoft Defender for Cloud, Microsoft Sentinel, Microsoft Defender for Endpoint, Azure Key Vault, Azure Policy, Microsoft Purview, Identity & Access Management, Network Security, Data Loss Prevention, Compliance Frameworks, Cloud Security Posture Management, Threat Hunting, Incident Response, Forensics, Infrastructure as Code, Containers, Kubernetes, Serverless Workloads, DevSecOps, CI/CD Pipelines, Code Scanning, Secure Defaults, Microsoft Cloud Security Benchmark, Microsoft Certified: Azure Security Engineer Associate (AZ-500), Microsoft Cybersecurity Architect (SC-100), CISSP, CCSP, Microsoft Certified: Azure Administrator, AWS Security Specialty, SANS GCPS, SANS GCAD, Detection and Response Engineering, SOC Operations, Container Security, Secure DevOps, AI/ML Workload Protection, Government Regulations Frameworks","baseSalary":{"@type":"MonetaryAmount","currency":"USD","value":{"@type":"QuantitativeValue","minValue":180000,"maxValue":440000,"unitText":"YEAR"}}},{"@context":"https://schema.org","@type":"JobPosting","identifier":{"@type":"PropertyValue","name":"YubHub","value":"job_e1b04487-4c3"},"title":"Security Engineer - Azure Government","description":"We are seeking a skilled Azure Security Engineer to design, implement, and maintain robust security controls across our Azure Gov Cloud environment (including hybrid and multi-cloud scenarios). In this hands-on role, you will build, strengthen, and maintain our cloud security posture, protect critical workloads, and collaborate with engineering, DevOps, and compliance teams to embed security throughout the development lifecycle. You will develop, implement, and leverage Microsoft's native security tools to detect threats, respond to incidents, and ensure alignment with industry standards and regulations. Lastly, you will be required to both achieve and maintain compliance with government regulations such as FedRAMP and CMMC.
\nResponsibilities: Implement, design, and manage security architecture for Azure Government and Commercial deployments (with considerations for DoD IL5\\IL6 and FedRAMP High controls) Configure and optimize Microsoft Defender for Cloud, Microsoft Sentinel, Microsoft Defender for Endpoint, and related services for threat detection, vulnerability management, and automated response Design and enforce identity & access management using Microsoft Entra ID, Privileged Identity Management (PIM), Conditional Access policies, RBAC, and just-in-time access Secure network architectures with Azure Firewall, Network Security Groups (NSGs), DDoS Protection, Web Application Firewall (WAF), Network Watcher, and private endpoints Protect data at rest and in transit via Azure Key Vault, encryption strategies, data classification, and information protection controls Develop and maintain security policies, initiatives, and blueprints using Azure Policy and Microsoft Purview for compliance (NIST, FedRAMP, CMMC, STIGs, etc.) Perform threat hunting, incident response, and forensics using Sentinel playbooks, Log Analytics, and KQL queries Conduct security reviews of Infrastructure as Code (IaC), containers, Kubernetes (AKS), and serverless workloads Collaborate with developers and architects to implement DevSecOps practices, including secure CI/CD pipelines, code scanning, and secure defaults Monitor and remediate security findings, reduce attack surface, and improve overall security posture per the Microsoft Cloud Security Benchmark (MCSB) Deploy configurations and compliance policies to Azure AVD endpoints using Intune and other Azure native services.
\nBasic Qualifications: Active U.S. security clearance (e.g., Secret, Top Secret) or eligibility to obtain one. 3+ years of experience in cloud security, cybersecurity engineering, or related roles (with strong Azure focus). Deep hands-on expertise with core Azure security services: Microsoft Defender suite, Sentinel, Intune, Entra ID, Key Vault, Azure Policy, Firewall, Network Watcher, and Purview. Strong understanding of DLP implementation both in cloud and on endpoints utilizing Purview and other Microsoft native controls. Experience implementing security in hybrid/multi-cloud environments. Proficiency in scripting/automation (PowerShell, Azure CLI, Bicep/ARM templates, Terraform). Strong understanding of identity federation, zero-trust principles, encryption, network security, and vulnerability management. Familiarity with compliance frameworks (NIST, FedRAMP, CMMC, STIGs, etc.) and regulatory requirements. Excellent problem-solving, analytical, and communication skills. Strong verbal and written communication skills and the ability to stay composed under pressure.
\nPreferred Skills and Experience: Microsoft Certified: Azure Security Engineer Associate (AZ-500), Microsoft Cybersecurity Architect (SC-100). Additional relevant certifications (e.g., CISSP, CCSP, Microsoft Certified: Azure Administrator, AWS Security Specialty, SANS GCPS, SANS GCAD). Deep experience with detection and response engineering and SOC operations. Knowledge of container security (Docker, AKS), secure DevOps, or AI/ML workload protection. Prior experience in government regulations frameworks such as FedRAMP and CMMC.
\nITAR Requirements: To conform to U.S. Government export regulations, applicant must be a (i) U.S. citizen or national, (ii) U.S. lawful, permanent resident (aka green card holder), (iii) Refugee under 8 U.S.C. § 1157, or (iv) Asylee under 8 U.S.C. § 1158, or be eligible to obtain the required authorizations from the U.S. Department of State. Learn more about the ITAR here.
\nCompensation and Benefits: $180,000 - $440,000 USD. Base salary is just one part of our total rewards package at xAI, which also includes equity, comprehensive medical, vision, and dental coverage, access to a 401(k) retirement plan, short & long-term disability insurance, life insurance, and various other discounts and perks.
\nXML job scraping automation by YubHub
","url":"https://yubhub.co/jobs/job_e1b04487-4c3","directApply":true,"hiringOrganization":{"@type":"Organization","name":"xAI","sameAs":"https://www.xai.io/","logo":"https://logos.yubhub.co/xai.io.png"},"x-apply-url":"https://job-boards.greenhouse.io/xai/jobs/5050657007","x-work-arrangement":"onsite","x-experience-level":"senior","x-job-type":"full-time","x-salary-range":"$180,000 - $440,000 USD","x-skills-required":["Azure Security Engineer","Cloud Security","Cybersecurity Engineering","Microsoft Defender","Sentinel","Intune","Entra ID","Key Vault","Azure Policy","Firewall","Network Watcher","Purview","DLP","Identity Federation","Zero Trust Principles","Encryption","Network Security","Vulnerability Management","Compliance Frameworks","Regulatory Requirements","Problem-Solving","Analytical Skills","Communication Skills"],"x-skills-preferred":[],"datePosted":"2026-04-24T13:06:12.281Z","jobLocation":{"@type":"Place","address":{"@type":"PostalAddress","addressLocality":"Palo Alto, CA; Washington, D.C."}},"employmentType":"FULL_TIME","occupationalCategory":"Engineering","industry":"Technology","skills":"Azure Security Engineer, Cloud Security, Cybersecurity Engineering, Microsoft Defender, Sentinel, Intune, Entra ID, Key Vault, Azure Policy, Firewall, Network Watcher, Purview, DLP, Identity Federation, Zero Trust Principles, Encryption, Network Security, Vulnerability Management, Compliance Frameworks, Regulatory Requirements, Problem-Solving, Analytical Skills, Communication Skills","baseSalary":{"@type":"MonetaryAmount","currency":"USD","value":{"@type":"QuantitativeValue","minValue":180000,"maxValue":440000,"unitText":"YEAR"}}}]}